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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 Responsive to communication(s) filed on 01 August 2001 . 
2a)Q This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) £3 Claim(s) 1-31 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-31 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) H3 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)IEI All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) S Notice of References Cited (PTO-892) 

2) [U Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) ^ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date see Office Action . 



4) O Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application (PTO-152) 

6) □ Other: . 



U.S. Patent and Trademark Office 
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DETAILED ACTION 



Information Disclosure Statement 



1 . The Information Disclosure Statements filed on 05 March 2002, 01 May 2002, 18 
March 2003, and 15 December 2003 have been considered by the Examiner. 



Specification 



2. Applicant is reminded of the proper language and format for an abstract of the 
disclosure. 

The abstract should be in narrative form and generally limited to a single 
paragraph on a separate sheet within the range of 50 to 1 50 words. It is important that 
the abstract not exceed 150 words in length since the space provided for the abstract 
on the computer tape used by the printer is limited. The form and legal phraseology 
often used in patent claims, such as "means" and "said," should be avoided. The 
abstract should describe the disclosure sufficiently to assist readers in deciding whether 
there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information 
given in the title. It should avoid using phrases which can be implied, such as, "The 
disclosure concerns," "The disclosure defined by this invention," "The disclosure 
describes," etc. 



3. The disclosure is objected to because of the following informalities: 

The disclosure is objected to because it contains an embedded hyperlink and/or 
other form of browser-executable code (see page 6, line 7; page 16, lines 24 and 25; 
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and page 17, lines 1 and 4). Applicant is required to delete the embedded hyperlink 
and/or other form of browser-executable code. See MPEP § 608.01. 

The lengthy specification has not been checked to the extent necessary to 
determine the presence of all possible minor errors. Applicant's cooperation is 
requested in correcting any errors of which applicant may become aware in the 
specification. 

Appropriate correction is required. 

Claim Objections 

4. Claim 13 is objected to because of the following informalities: The claim recites 
the limitation u to use of the input data" in lines 26-27. It appears that this is intended to 
read either "to use the input data" or "for use of the input data". Appropriate correction 
is required. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

6. Claims 1-23 and 30-31 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 



Application/Control Number: 09/920,554 Page 4 

Art Unit: 2137 

Claim 1 recites the limitation "at least some of the processes" in lines 9 and 12. 
Further, Claim 2 recites the limitation "at least some of the processes" in line 19, Claim 
22 recites the same limitation in line 21, and Claim 30 also recites the same limitation in 
lines 24-25. The use of the phrase "at least some" renders the limitation vague because 
it does not describe a specific numerical range nor does it provide a clear basis for 
comparison. This renders the claims indefinite. 

Claim 23 recites the limitation "the monitoring process provides an integrity 
metric of the computing platform to the requestor current when the service was 
performed". This is generally vague, specifically the phrase "current when the service 
was performed", as it is not clear whether "current" is modifying the "integrity metric", 
"the computing platform", or "the requestor". This renders the claim indefinite. For 
purposes of interpreting the prior art, it is assumed that the phrase is intended to refer to 
the "integrity metric" as "current". 

Claims 3-21 and 31 are rejected due to their dependence on rejected base 

claims. 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
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applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

8. Claims 1-6, 14-26, and 29-31 are rejected under 35 U.S.C. 102(e) as being 
anticipated by McNabb et al, US Patent 6289462. 

In reference to Claims 1 and 2, McNabb discloses a method including a 
requester providing a specification of a service to be performed that establishes levels 
of trust for processes in the service (see, for example, column 19, line 55-column 20, 
line 2, where different processes are specified for different sensitivity levels) and a 
computing platform executing the service according to the specification (see the Trusted 
Server of Figure 1, and column 5, lines 20-29) and logging performance of the 
processes and providing the log to the requestor (the audit trail described at column 7, 
lines 28-33). 

In reference to Claim 3, McNabb further discloses a protected computing 
environment (see Figure 1 ). 

In reference to Claims 4 and 23, McNabb further discloses measuring integrity of 
the platform (see column 8, lines 40-45, regarding the trusted computer system). 

In reference to Claim 5, McNabb further discloses a management process that 
allocates the execution of processes and logging to environments associated with the 
platform (see column 21 , lines 34-55). 

In reference to Claim 6, McNabb further discloses the management process 
within the protected environment (see column 21 , line 34-column 22, line 2). 
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In reference to Claim 14, McNabb further discloses that a process may be 
swapped between environments (see column 11, line 66-column 12, line 14). 

In reference to Claims 15-20, McNabb further discloses logging input data, output 
data, and executed program instructions of a process (see column 7, lines 28-33; 
column 23, lines 26-35). 

In reference to Claim 21 , McNabb further discloses encrypting the logging data 
(column 23, lines 26-35, where the audit record is protected). 

In reference to Claim 22, McNabb further discloses the specification of the 
service establishing logging parameters for the processes (column 23, lines 26-35). 

In reference to Claim 24, McNabb discloses a platform including a protected 
computing environment (see Figure 1) and one or more compartments (column 17, lines 
9-14), in which processes may be executed for a user in the compartments and the 
results of the processes may be returned to the user as trustworthy data from the 
protected environment (see, for example, column 6, lines 20-23). 

In reference to Claim 25, McNabb further discloses that the compartments may 
be located outside the protected environment (Figure 12; column 17, lines 57-61). 

In reference to Claim 26, McNabb further discloses that the compartments may 
be located inside the protected environment (Figure 12; column 17, lines 57-61). 

In reference to Claim 29, McNabb further discloses measuring integrity of the 
platform (see column 8, lines 40-45, regarding the trusted computer system). 
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In reference to Claim 30, McNabb further discloses a management process that 
receives a service description including levels of trust for processes within the service, 
and that allocates the processes to the compartments (column 21, lines 34-55). 

In reference to Claim 31 , McNabb further discloses the management process 
within the protected environment (column 21, line 34-column 22, line 2). 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. Claims 7-13 and 27-28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb in view of "HP Virtualvault Trusted Web-server Platform 
Product Brief, hereinafter "Virtualvault". 

In reference to Claim 7, McNabb discloses everything as applied to Claim 5 
above. McNabb further discloses the use of compartments (see, for example, column 
17, lines 9-14). However, McNabb does not explicitly disclose that the compartment 
contains a protected computing engine. Virtualvault discloses a computing platform that 
includes the use of compartments, which include protected computing engines (see 
page 3, "Data Partitioning Separates and Secures Files"). Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to 
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modify the method of McNabb to include compartments containing protected computing 
engines, in order to provide security for web servers (see Virtualvault, page 2, 
"Virtualvault: The Answer to Secure Access"). 

In reference to Claim 8, Virtualvault further discloses a Java virtual machine (see 
page 4, "A 'Vaulted' Java Virtual Machine"). 

In reference to Claim 9, McNabb further discloses that one or more 
compartments are located in the protected environment (see Figure 12; column 17, 
lines 57-61 ). Further, Virtualvault further discloses that one or more compartments are 
located within the protected environment (see page 3, the INSIDE compartment). 

In reference to Claim 10, McNabb further discloses that the computing engine is 
prohibited from operating on input data if it is not permitted to do so (see column 8, lines 
10-15 on Mandatory Access Control). 

In reference to Claim 11, McNabb further discloses that input data and processes 
are each provided with a type, and that the operation is prevented if the types do not 
match (see column 8, lines 10-15 on Mandatory Access Control). 

In reference to Claims 12 and 13, McNabb further discloses that the input data 
may have an owner, and that the process may be required to inform the owner of the 
use of the data or to obtain consent from the owner to use the data (see column 8, line 
54-column 9, line 4). 

In reference to Claims 27 and 28, McNabb discloses everything as applied to 
Claim 24 above. However, McNabb does not explicitly disclose that the compartment 
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contains a protected computing engine, specifically a Java virtual machine. Virtualvault 
discloses a computing platform that includes the use of compartments, which include 
protected computing engines (see page 3, "Data Partitioning Separates and Secures 
Files"). Virtualvault further specifically discloses a Java virtual machine (see page 4, "A 
Vaulted* Java Virtual Machine"). Therefore, it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to modify the method of 
McNabb to include compartments containing protected computing engines, specifically 
Java virtual machines, in order to provide security for web servers (see Virtualvault, 
page 2, "Virtualvault: The Answer to Secure Access"). 

Conclusion 



1 1 . The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. England et al, US Patent 6327652, discloses a system that includes 
validating digital signatures of operating system components in order to measure 
the integrity of the system. 

b. Merkling et al, European Patent Application EP 082551 1 , disclose a 
trusted computing system that includes processes running in trusted 
compartments. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Zachary A Davis whose telephone number is (571 ) 272- 
3870. The examiner can normally be reached on weekdays 8:30-6:00, alternate 
Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on (571 ) 272-3868. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 



Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



872-9306. 





ANDREW CALDWELL 
SUPERVISORY RATENT EXAMINER 



